CVE-2019-18660

Updated: 2023-12-06

CWE: Information Exposure

Description:

The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c.

CVSS3: 4.7


Vendor State

OS Vendor version Errata
RHEL 6 2.6.32-754.31.1.el6 RHSA-2020:2933
RHEL 7 3.10.0-1127.el7 RHSA-2020:1016
Ubuntu 18.04 4.15.0-74.84 USN-4227-1
Ubuntu 16.04 4.4.0-171.200 USN-4228-1
Ubuntu 18.04 AWS 4.15.0-1057.59 USN-4227-1
Ubuntu 16.04 AWS 4.4.0-1100.111 USN-4228-1
Ubuntu 18.04 HWE 5.3.0-26.28~18.04.1 USN-4225-2
Ubuntu 16.04 HWE 4.15.0-74.83~16.04.1 USN-4227-1
Ubuntu 16.04 AWS HWE 4.15.0-1057.59~16.04.1 USN-4227-1
CentOS 7 3.10.0-1127.el7 CESA-2020:1016
CentOS 6 2.6.32-754.31.1.el6 CESA-2020:2933
CentOS 7 plus 3.10.0-1127.el7.centos.plus CESA-2020:1016
CentOS 6 plus 2.6.32-754.31.1.el6.centos.plus CESA-2020:2933
Oracle Linux 6 2.6.32-754.31.1.el6 ELSA-2020-2933
Oracle Linux 7 3.10.0-1127.el7 ELSA-2020-1016
Ubuntu 16.04 GCP 4.15.0-1052.56 USN-4227-1
RHEL 8 4.18.0-147.8.1.el8_1 RHSA-2020:1372
Ubuntu 19.04 5.0.0-38.41 USN-4226-1
Ubuntu 18.04 Azure 5.0.0-1028.30~18.04.1 USN-4226-1
Ubuntu 16.04 Azure 4.15.0-1066.71 USN-4227-1
Oracle Linux 8 4.18.0-147.8.1.el8_1 ELSA-2020-1372
Ubuntu 19.10 5.3.0-26.28 USN-4225-1
Ubuntu 18.04 Azure Eoan 5.3.0-1009.10~18.04.1 USN-4225-1

KernelCare State

OS Original kernel version State
RHEL 6
Will Not Fix
RHEL 7
Ready For Release
Ubuntu 18.04
Ready For Release
Ubuntu 16.04
Ready For Release
Ubuntu 18.04 AWS
Ready For Release
Ubuntu 16.04 AWS
Ready For Release
Ubuntu 18.04 HWE
Ready For Release
Ubuntu 16.04 HWE
Ready For Release
Ubuntu 16.04 AWS HWE
Ready For Release
Debian 9
Ready For Release
Debian 8 backports
Ready For Release
CentOS 7
Ready For Release
CentOS 6
Will Not Fix
CentOS 7 plus
Ready For Release
CentOS 6 plus
Will Not Fix
Oracle Linux 6
Will Not Fix
Oracle Linux 7
Ready For Release
Proxmox VE 5
Ready For Release
Ubuntu 18.04 GCP
Ready For Release
Ubuntu 16.04 GCP
Ready For Release
CentOS 6 alt
Ready For Release
CentOS 7 alt
Ready For Release
RHEL 8
Ready For Release
Debian 10
Ready For Release
Proxmox VE 6
Ready For Release
Ubuntu 19.04
Ready For Release
Proofpoint
Ready For Release
OEL 6 Dell
Ready For Release
OEL 7 Dell
Ready For Release
OEL 8 Dell
Ready For Release
Ubuntu 18.04 Azure
Ready For Release
Ubuntu 16.04 Azure
Ready For Release
Oracle Linux 8
Ready For Release
CloudLinux OS 8
Ready For Release
CloudLinux OS 7h
Ready For Release
Debian 10 cloud
Ready For Release
Debian 9 backports
Ready For Release
Ubuntu 19.10
Will Not Fix
Ubuntu 18.04 Azure Eoan
Will Not Fix